You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Nautobot versions 1.1.0 through 1.2.2 are vulnerable to CVE-2021-23727 which affects Celery versions before 5.2.2. Nautobot v1.2.3 requires Celery version 5.2.2 or later, which requires Python 3.7 or later.
It is highly recommended that users of Python 3.6 prioritize upgrading to a newer version of Python. Nautobot will be removing support for Python 3.6 in a future update.
For users remaining on Python 3.6, please know that upgrading to Nautobot v1.2.3 will not resolve this CVE for your installation. The only remedy at this time is to upgrade your systems utilize Python 3.7 or later.
security disclosurePublic record of a security disclosure, including impact analysis and outcome.
1 participant
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Nautobot
-
Nautobot versions 1.1.0 through 1.2.2 are vulnerable to CVE-2021-23727 which affects Celery versions before 5.2.2. Nautobot v1.2.3 requires Celery version 5.2.2 or later, which requires Python 3.7 or later.
It is highly recommended that users of Python 3.6 prioritize upgrading to a newer version of Python. Nautobot will be removing support for Python 3.6 in a future update.
For users remaining on Python 3.6, please know that upgrading to Nautobot v1.2.3 will not resolve this CVE for your installation. The only remedy at this time is to upgrade your systems utilize Python 3.7 or later.
Beta Was this translation helpful? Give feedback.
All reactions